Lucene search
K

35 matches found

CNVD
CNVD
added 2022/04/13 12:0 a.m.12 views

WordPress stopbadbots plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress stopbadbots plugin version 6.930 before the S...

3.6AI score
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.5 views

WordPress plugin stopbadbots SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the WordPress plugin...

9.8CVSS8.4AI score0.07867EPSS
Exploits2References2
Patchstack
Patchstack
added 2022/03/21 12:0 a.m.7 views

WordPress StopBadBots plugin <= 7.02 - WordPress Options Update vulnerability

WordPress Options Update vulnerability discovered in WordPress StopBadBots plugin versions = 7.02. Solution Update the WordPress StopBadBots plugin to the latest available version at least 7.03...

2.8AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/12/18 12:0 a.m.19 views

WordPress StopBadBots plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. StopBadBots Plugin is a WordPress open source application plugin. WordPress StopBadBots Plugin in versions prior to...

9.8CVSS2.4AI score0.01575EPSS
Exploits2References1
OSV
OSV
added 2021/12/13 11:15 a.m.3 views

CVE-2021-24863

The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection...

9.8CVSS5.8AI score0.01575EPSS
Exploits2References1
CVE
CVE
added 2021/12/13 10:41 a.m.49 views

CVE-2021-24863

CVE-2021-24863 affects the WordPress plugin StopBadBots (StopBadBots WordPress plugin) prior to version 6.67. The vulnerability is a SQL injection caused by failure to sanitize and escape the User Agent before using it in a SQL statement to save it. Impact is unauthenticated access leading to dat...

9.8CVSS9.8AI score0.01575EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/12/13 12:0 a.m.4 views

WordPress和WordPress 插件 SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. StopBadBots Plugin is a WordPress open source application plugin. WordPress StopBadBots Plugin in versions prior to...

9.8CVSS6.2AI score0.01575EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/11/15 12:0 a.m.22 views

StopBadBots < 6.67 - Unauthenticated SQL Injection

The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection PoC GET / HTTP/1.1 User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- - Accept:...

9.8CVSS9.2AI score0.01575EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/11/15 12:0 a.m.237 views

StopBadBots < 6.67 - Unauthenticated SQL Injection

The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection GET / HTTP/1.1 User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- - Accept:...

9.8CVSS9.4AI score0.01575EPSS
Exploits2
Patchstack
Patchstack
added 2021/11/15 12:0 a.m.15 views

WordPress StopBadBots plugin <= 6.66 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by JrXnm in WordPress StopBadBots plugin versions = 6.66. Solution Update the WordPress StopBadBots plugin to the latest available version at least 6.67...

9.8CVSS3.4AI score0.01575EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2021/09/13 6:15 p.m.3 views

CVE-2021-24727

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...

8.8CVSS5.8AI score0.01659EPSS
Exploits2References3
NVD
NVD
added 2021/09/13 6:15 p.m.10 views

CVE-2021-24727

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...

8.8CVSS0.01659EPSS
Exploits2References3
Prion
Prion
added 2021/09/13 6:15 p.m.14 views

Sql injection

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...

6.5CVSS8.9AI score0.01659EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2021/09/13 5:56 p.m.59 views

CVE-2021-24727

CVE-2021-24727 concerns the StopBadBots WordPress plugin prior to 6.60. The vulnerability arises from not validating/escaping the order and orderby GET parameter on certain admin dashboard pages, enabling authenticated SQL injections. Impact is authenticated SQLi with partial confidentiality/inte...

8.8CVSS9AI score0.01659EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/09/10 12:0 a.m.20 views

WordPress StopBadBots plugin <= 6.59 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Martin Vierula Trustwave in WordPress StopBadBots plugin versions = 6.59. Solution Update the WordPress StopBadBots plugin to the latest available version at least 6.60...

8.8CVSS3.4AI score0.01659EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder